A CRITICAL issue was identified that allows an attacker to bypass SAML authentication. The vulnerability is applicable if the attacker has access to a validly signed SAML assertion or response against the configured Verification certificate. When applicable, an attacker can sign in as any user, including administrators.

The affected supported versions are:

2.8.0 - 2.8.6
2.7.0 - 2.7.10
2.6.0 - 2.6.15
2.5.0 - 2.5.20
2.4.0 - 2.4.22

Note: This is a different vulnerability than the one addressed in GitHub Enterprise 2.8.6, 2.7.10, 2.6.15, and 2.5.20.

A CRITICAL issue was identified that allows an attacker to execute arbitrary commands on the GitHub Enterprise appliance. The vulnerability is applicable if the attacker has access to configure a repository's Webhooks, that is, owner or admin privileges on a repository.

A CRITICAL issue was identified that allows an attacker to execute arbitrary commands on the GitHub Enterprise appliance. This vulnerability exists in the Management Console, which is accessible on ports 8080 and 8443. This is only applicable to GitHub Enterprise 2.8.0 - 2.8.6.
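As an added check, not part of these release notes, the following script tests whether a given appliance version falls inside the affected ranges stated above. It compares versions numerically rather than as strings, so that 2.7.10 correctly sorts after 2.7.9; the webhook issue is omitted because no version range is stated for it.

```python
# Added example: is a given GitHub Enterprise version in the affected ranges
# listed in these release notes? Not part of the release notes themselves.
from typing import Dict, List, Tuple

Version = Tuple[int, int, int]

# Ranges copied from the release notes, keyed by the issue they apply to.
# The webhook command-execution issue is not listed: the notes give no range for it.
AFFECTED: Dict[str, List[str]] = {
    "SAML authentication bypass": [
        "2.8.0 - 2.8.6",
        "2.7.0 - 2.7.10",
        "2.6.0 - 2.6.15",
        "2.5.0 - 2.5.20",
        "2.4.0 - 2.4.22",
    ],
    # The Management Console issue applies only to 2.8.0 - 2.8.6.
    "Management Console command execution": ["2.8.0 - 2.8.6"],
}


def parse_version(text: str) -> Version:
    """Parse 'x.y.z' into a tuple of ints so comparisons are numeric."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a GitHub Enterprise x.y.z version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def parse_range(text: str) -> Tuple[Version, Version]:
    """Parse 'low - high' (inclusive on both ends) as written in the notes."""
    low_s, high_s = text.split("-", 1)
    low, high = parse_version(low_s), parse_version(high_s)
    if low > high:
        raise ValueError(f"range is reversed: {text!r}")
    return low, high


def in_ranges(version: str, ranges: List[str]) -> bool:
    v = parse_version(version)
    return any(low <= v <= high for low, high in map(parse_range, ranges))


def affected_issues(version: str) -> List[str]:
    """Return the issues from the notes whose stated ranges include version."""
    return [name for name, ranges in AFFECTED.items() if in_ranges(version, ranges)]


if __name__ == "__main__":
    for v in ("2.7.10", "2.8.6", "2.8.7"):
        print(v, affected_issues(v) or "not in a listed range")
```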

@mentions would not work for single character organization or team names.

Upcoming deprecation of GitHub Enterprise 2.5

GitHub Enterprise 2.5 will be deprecated as of March 2017. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, upgrade to the newest version of GitHub Enterprise as soon as possible.

Known Issues

We incorrectly redirect to the dashboard if you access GitHub Enterprise using an alias while in private mode. This might happen if you set a fully qualified domain name but the subdomain resolves correctly.

Images uploaded to issues save with an absolute URL, so they can be broken if the hostname changes.

On a freshly set up GitHub Enterprise instance without any users, an attacker could create the first admin user.

Custom firewall rules aren't maintained during an upgrade.

Enqueued background jobs are sometimes not purged when a repository is deleted.

svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.